the case of the stolen laptop

Dell D630 Laptop Photo Courtesy Dell, Inc.

spacer

June 1, 2008:  The saga of the PCNS customer, whose employee's new Dell laptop was stolen. Here's an account of what happened to a client's Dell Laptop, which was stolen on April 9, 2008.   If you aren't privy to what goes on when computer goods get stolen, hopefully you will find this enlightening, especially if you live in the southern or southwestern United States.

April 9, 2008:  An employee of a PCNS client had his Dell Latitude D630 Notebook PC stolen from his SUV.  He was at his Son's basketball game at a church off Lovers Lane, in Dallas Texas.  The lack of parking lot lighting (and a clearly visible briefcase) made it a tempting target.  A police report was filed with the Dallas Police Department.  Following the incident we approached Computrace, as the customer purchased the Dell Laptop with the Computrace option.

History

The Dell Notebook, in service for less than one week, was purchased with Computrace Asset Tracking.   This is a small piece of software code which resides in the Bios of the PC.  In laymen's terms, the BIOS is the blue Dell Logo (and sometimes cryptic messages) you see when you first power up the computer.  It runs a general test of all the hardware.  It resides in a portion of non-volatile memory on the system board of the laptop.  The Bios is the code which contains instructions on how the Microprocessor, Memory, Chipset, and other hardware components interact with the software instructions with the hard drive.  The Latitude Notebooks have an area in Bios where auxillary software can be stored, in this case the CompuTrace Asset tracking agent.  This agent remains installed in the notebook for the life of the notebook, and it cannot be removed or disabled.  It remains active as long as the subscription period is active - in our case, the client signed up for 3 years service, a $99 option when customizing the Dell Latitude notebook.  It is mainly used by large corporations for Asset Tracking.  With occurrences of ID theft of Social Security Numbers making national headlines, it's in a Company's best interest to be able to track their assets and affect a response when Company property is stolen.

The Latest News

May 23, 2008:  After a long absence, PCNS received an email message from Computrace.   The laptop phoned home!  Unfortunately, it phoned home from Mexico, where Computrace has no jurisdiction.  PCNS is working with a corporate head of security of a Dallas based management company.  Last month he predicted we would not recover the notebook, citing, due to our geographic location, it would wind up in Mexico.   Further, he stated, they are not after doing ID Theft, but instead have more basic needs.  Since the laptop was in the user's hands for less than a day there was no corporate or user information on the laptop.  They want the notebook so they can flip and sell it.  Evidently it's very easy to transport the stolen property to Mexico.  The security head reporting that they do not inspect trucks going South of the Border, only North.

The CompuTrace asset report confirms his predictions.  All of the existing software was wiped and Spanish Language Windows XP was installed.  Gone was original Office 2007, the customer's corporate copy of McAfee Virus Scan Enterprise was replaced with Panda Internet Security 2008.  Also missing from the hard drive was some Autodesk software.

Ok, Now that we know where the Laptop is located what can be Done?

Unfortunately, being in Mexico, not a whole lot.  We can wait.  There is evidence to suggest this laptop was procured by a business.  In the event the owner of the laptop travels to the US, Europe, or some central American Countries, where Computrace has a presence, the stolen laptop can be traced, tracked, and possibly recovered.

The other option is we can send it a kill command.  The next time the laptop gets connected to the Internet, the bios agent can start performing a disk wipe.   So if the user doesn't backup his hard drive (the majority of users do not backup) the new owner could have a really bad day.  If the user reinstalls the operating system, (whether or not the new user made a backup) the disk wipe will occur repeatedly, as soon as the PC is connected to the Internet, making the Notebook PC largely useless.   From that point on, the Laptop will be stripped for usable parts, and presumably sold off all but the motherboard can be salvaged.

If Computrace develops a presence in Mexico, this could be a huge win for the Computrace and its customers.  If the owner of this stolen laptop is reading this, then beware, we're watching you!

Or, to put it another way:

We're watching you!



Photo courtesy of Dell, Inc.

Tips for preventing theft of your Laptop